next up previous
Next: 3 Comparison Up: 2 Position Previous: 2.1 Abstract Specification

2.2 Design and Implementation

B [1] specifications of steam boiler components were defined from the above theories. Standard techniques were used to code up temporal logic constraints. For example the temporal constraint

\begin{displaymath} \alpha ~\implies~ (\gamma ~{\cal U}~ \beta) \end{displaymath}

can be formalised by a boolean flag $gamma\_until\_beta$, initialised to FALSE, and preconditions $gamma\_until\_beta = FALSE$ on every controller action except $\gamma$ and $\beta$ and method definitions: 
\(\alpha = {\sc pre} gamma_until_beta = FALSE \land \ldots \) 
  \( {\sc then} \) 
  gamma_until_beta := TRUE || 
  \( \vdots \) 
  \( {\sc end} \);
  \(\beta = \ldots \) 
  gamma_until_beta := FALSE

A C executable of 3098 lines of code was produced from the B implementations. A number of test scenarios were input to this executable, following the format defined in [2].


K. Lano, J. Bicarregui, T. Maibaum, and J. Fiadeiro
Sept. 2, 1997